Website Security Indicators

Comodo Dragon
displays indicators and details about the security of the connection
between it and the website you are visiting. It also alerts you if it
is unable to establish a fully secure connection with the site.

Transport
Layer Security (TLS) or Secure Sockets Layer (SSL) protocol provides
an encrypted tunnel between your computer and the site you are
viewing. All data transmitted between you and the website pass
through Internet in an encrypted manner, so that it cannot be
deciphered by third parties that try to intercept the transmission.
This prevents your sensitive data like your credit card numbers,
passwords etc. being stolen by hackers. Secure websites enforce this
protection by deploying SSL certificates on their web servers. Comodo
Dragon displays indications and details for you to check whether the
website you visit is protected by TLS/SSL and the connection security
status.

The icon at
the left of the URL in the address bar indicates whether the website
uses TLS/SSL and its current connection security status. The websites
that are not using SSL will be indicated with a blank paper icon. The
websites that use SSL to transmit information will be indicated with
a lock icon, also, the their website address will start with
'https://'. The following table contains descriptions of different
types of icons.

Icon

Description

The blank paper icon
appears when you visit sites that are not using SSL.

The green lock icon
appears when Comodo Dragon successfully establishes a secure
connection with the site you are viewing. If the site uses an Extended Validation SSL (EV SSL) certificate, the organization's
name will appear next to the icon with green text.

The alert icon appears
when Comodo Dragon detects that the site has included some
insecure content (such as images) on the page. Such content can
provide loopholes for someone to manipulate the page you’re
viewing.

The alert icon appears
when Comodo Dragon detects high-risk insecure content on the page
or when the site presents an invalid certificate. The "https"
in the URL is also crossed out when this happens.

You also can
see more details about the site’s identity, by clicking on the
icon.

To view
the site identity and connection security information

Click
on the lock/blank paper icon at the left of the URL in the address
bar

The identity
information dialog will appear as a drop-down

Select
the 'Connection' tab from the dialog

The upper
pane displays the site identity information and the lower pane
displays the connection security information. The following sections
explain more on:

The upper pane
allows you to verify the site's identity. The icon in this pane
indicates whether or not a sites uses TLS/SSL protocols. You can
identify a website as genuine and trusted if it uses a valid TLS/SSL
certificate. Invalid certificates could mean that someone is trying
to tamper with your connection to the site.

Icon

Description

Green Lock Icon

Indicates that the
identity of the website has been verified by authority. The site’s
security certificate is valid and has been verified by a trusted
third-party authority.

Orange Exclamation icon

Indicates that the
identity of this website has not been verified. The site does not
use an SSL certificate. This is normal for regular HTTP sites.

Lock with Yellow Warning
triangle

Indicates that the site
uses a SSL certificate, but with a weak security setup (SHA-1
signatures), so your connection might not be private.

Proceed with caution.
These are common mistakes in websites' configurations, but that
doesn't guarantee that your connection is secure.

Red Lock icon

Indicates that the Dragon
has identified some problems with the site's SSL certificate.
Proceed with caution, because someone on your network (like
someone sharing your wi-fi connection) might be messing with the
website. If you disclose any information on the website, the
person on the network might be able to read it.

Connection Security

Comodo Dragon
informs you whether your connection is fully encrypted. If your
connection is insecure, third parties might be able to view or tamper
with the information you provide on the site.

Icon

Description

Green Lock Icon

Indicates that your
connection to the site is encrypted. Comodo Dragon could
successfully set up a secure connection with the site you are
viewing.

Orange Exclamation icon

Indicates that your
connection to the site is not encrypted. The site is not using SSL
to transmit information. This is normal for regular HTTP sites

Lock with Yellow Warning
triangle

Indicates that your
connection to the site is encrypted but Dragon has detected some
unwanted ads or images in the page, that may create loopholes.
Avoid entering your personal information on these web pages.

Red Lock icon

Indicates your connection
to the site is encrypted, but contains some mixed scripting. Avoid
entering personal information on these web pages.

Mixed scripting is when a
page transmitted over HTTPS loads the content over HTTP. It can
create loopholes for someone to take over the page. This could be
because of third-party scripts or videos embedded on the page.